Encryption configuration elements, Encryption configuration elements 234 – Enterasys Networks CSX6000 User Manual

Page 234

Advertising
background image

USER’S GUIDE

234 CyberSWITCH

7.

Enable the Decryption/Encryption feature. (This selection is a toggle switch).

8.

Configure encryption key implementation:

If you plan to use the CyberSWITCH’s automated key exchange, enable Proprietary Key Ex-
change. (This selection is a toggle switch.) Then skip to step 11.

If you plan to use manually-configured keys, verify that Proprietary Key Exchange is dis-
abled, and continue with step 9.

9.

Specify an 8-byte (16-hex digits) decryption key. This value is an arbitrary value; however, it
must be the same as the encryption key on the other side of the connection.

10. Specify an 8-byte (16-hex digits) encryption key. This value is an arbitrary value; however, it

must be the same as the decryption key on the other side of the connection.

11. Press<RET> to return to the Device Table Menu.

Note:

You may use the same value for both your encryption and decryption keys at a single site.
However, we recommend different values for these keys to provide the utmost security.

Refer to the Background Information section for a pertinent example of

Link Layer Encryption.

U

SING

M

ANAGE

M

ODE

Not supported.

E

NCRYPTION

C

ONFIGURATION

E

LEMENTS

R

ESOURCE

T

YPE

The type of adapter (resource) that plugs into the system. In this specific case, you need to specify
the DES/RSA encryption adapter. This adapter is available to U.S. and Canadian markets only.
Export or use in other countries requires appropriate permission from the U.S. Government.

The DES/RSA adapter implements the Data Encryption Standard algorithm for encryption
purposes, and also includes an RSA chip. (Refer to the

System Adapters

appendix for adapter

illustrations.)

R

ESOURCE

S

LOT

The slot number in the CyberSWITCH into which the resource is plugged. (Do not use slot 1).

The following elements apply to Network Layer Encryption only:

S

ECURITY

A

SSOCIATION

P

ACKET

D

IRECTION

Specifies whether the security associations refer to outgoing packets, incoming packets, or both.
The default is both. For utmost security, you may want to consider configuring separate security

Device PPP Encryption Menu

1) Decryption/Encryption DISABLED
2) Proprietary Key Exchange DISABLED
3) Decryption key
4) Encryption key

Id of parameter to change or <RET> to cancel:

Advertising
This manual is related to the following products:

Cabletron CyberSWITCH CSX5500, CSX7000

Popular Brands
Popular manuals